Randy Resnick, director of the Zero Trust Portfolio Management Office within the Department of Defense’s Office of the Chief Information Officer, said his office has “pivoted” from strengthening the security of IT systems to protecting operational technology and weapon systems from foreign cyberthreat actors, Breaking Defense reported Thursday.
“For OT and weapon systems, we are coming out with initial zero trust guidance. Why? Because the adversary is attacking,” Resnick told the publication.
“The adversary wants to get into weapon systems to prevent their launch, or mess with the GPS coordinates, so the DoD is looking to initially secure these things beyond what they are today,” he added.
Resnick’s office intends to fully implement zero trust for IT by the end of fiscal year 2027 with plans to release zero trust guidance for OT followed by another guidance for defense critical infrastructure.
“We are going to be coming out with guidance for OT, and that’ll probably come out at the end of summer [2025] and we’ll have a date beyond 2027 where we start establishing ZT [zero trust] into OT,” Resnick noted.
“Then, of course, we’re also concerned about defense critical infrastructure, so that’s another thing,” the 2024 Wash100 awardee added.